AT&T Networking Exchange Blog » Steve Hursthttp://networkingexchangeblog.att.com
Connect, engage and innovate with our network and technology experts, and explore new ways to power your business.Mon, 02 Mar 2015 22:36:19 +0000en-UShourly1A non-clairvoyant approach to improving security http://networkingexchangeblog.att.com/enterprise-business/4-proactive-steps-help-improve-security/
http://networkingexchangeblog.att.com/enterprise-business/4-proactive-steps-help-improve-security/#comments
http://networkingexchangeblog.att.com/wp-content/uploads/2014/12/141215-4-proactive-steps-to-help-improve.jpg Mon, 15 Dec 2014 11:45:00 +0000Blog4_proactive_steps_help_improve_security
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstSecurity in the Enterprisehttp://networkingexchangeblog.att.com/?p=55986Trying to predict when a network or data breach will occur is a complicated task. Lacking the resource of a good soothsayer, you can only see nefarious happenings on an organization’s network once events have begun to affect the hardware and controls that make up our multiple layers of defense. To be proactive, you need to take action before a vulnerability or an active security event has been discovered. So, how can you see into the future, and what proactive cyber defenses should be employed?

Steps to help predict the future

Unless you are a true prophet, you can’t accurately predict the future. However, with predictive security, you can help reduce your operational risk by implementing these four primary activities:

When combined, these actions can help reduce risks to your environment. Therefore, security is proactively improved.

What’s normal?

Large scale event correlation helps you define what’s “normal” for your environment. When you know what patterns are normal, it is easier to identify things that are different. By partnering with AT&T to address your security requirements, you can use the AT&T Security Event & Threat Analysis service to help analyze what is crossing the public Internet to your benefit. When action is taken based on high probability signs, or precursors, of possible attacks, you can proactively stop high risk activities before they start to get out of control.

Not all alerts are created equal

I need to caution you about reacting to items that have minimal potential risk impact. Worst yet, you may become like Chicken Little, screaming that the sky is falling when it is barely raining. Focusing your energy on potential events will burn out your team, cause them to lose focus on critical cyber risks, and reduce credibility with upper management. However, by using social media data analysis in addition to security event analysis, you may see correlations in advance of an actual event, allowing for better prioritization to help reduce risks.

Predictive security, or more honestly stated, aggressive risk reduction, is the result of taking many small steps and analyzing critical data to determine your vulnerabilities, then taking action to reduce the risks discovered. This way, you make a proactive impact to reduce risk to the organization and the critical data within it.

Like the heroes of old, by layering multiple defenses and looking at the signs, you too can help protect your prized possessions from being stolen. Learn how AT&T Managed Security Solutions can help you layer your defenses.

]]>04 Take-Aways from RSA 2014 http://networkingexchangeblog.att.com/enterprise-business/4-take-aways-rsa-2014/
http://networkingexchangeblog.att.com/enterprise-business/4-take-aways-rsa-2014/#comments
http://networkingexchangeblog.att.com/wp-content/uploads/2014/10/14-03-07-4-take-aways-from-rsa_35712.jpg Fri, 07 Mar 2014 12:00:00 +0000Blog4_take_aways_rsa_2014
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstSecurity|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=35712At this year’s 2014 RSA Security Conference, trust was a recurring theme, matched only with intelligence and Big Data. These three topics helped to balance the conference’s official theme of “Share, Learn, Grow” — and reflected the desire for businesses to get more information from their data and to keep that information secure. From the show floor to charitable giving, this year’s conference offered much of interest.

On the show floor, conference attendees got a look into virtual environments featuring ways to protect data between devices. There was an emphasis on detecting the signs of an attack early, and proactively mitigating the newly detected event. New security models were also discussed.

Sessions covered a variety of topics — from protecting smart cars as part of the Internet of Things to corporate identifying common challenges of today’s Chief Security Officers (CSOs). Conversations among attendees were focused on two key topics: the transformation of security as threats continue to increase in volume, size and sophistication, and the concern that such “hot” technologies as M2M and Big Data are bypassing the steps needed to protect information in favor of a faster time to market. Thanks to the flexibility and ease of cloud computing we are seeing the growth of information system and network development; however, as fast as we solve a problem, the next challenge seems to spin out of control.

New this year were two creative fast pitch concepts. The first hosted 20-minute presentations that had the time constraints of a “TedTalk” (often without the passion typical of such a talk). The second, “Flash Talks” session brought both passion and speed when six security professionals presented their own favorite topics in just over six minutes each

A brilliant addition to the conference was a spotlight on the CharityWater.org program, which showed us all how we can participate in helping many have access to something we take for granted: clean water. Over the week donations were collected — or made by participating in information security focused events — that will be used to produce two wells for towns in Africa. I applaud RSA for bringing the show back to reality in such an effective manner.

What security — and human — challenges is your organization working to solve in 2014?

]]>0Security’s Evolutionary Theory http://networkingexchangeblog.att.com/enterprise-business/securitys-evolutionary-theory/
http://networkingexchangeblog.att.com/enterprise-business/securitys-evolutionary-theory/#commentsThu, 25 Apr 2013 14:10:37 +0000Blogsecuritys_evolutionary_theory
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstSecurity|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=28809Security and risk awareness have been part of the lives of humans from the very earliest days. At its core, security focuses on keeping things safe. In a business environment, complete safety can restrict access and availability, and is therefore impractical. Focusing solely on security, without balancing associated risk, is unrealistic, as businesses need to take certain risks to grow and be profitable. Let’s look at the history of security and risk to see how we can bring the focus back to business risks and away from simply protecting, or securing, assets.

A long time ago in a place not so very far away…

Near the dawn of historical time, people lived in extended family units. The men, mostly, went out and killed wild beasts to bring home meat for the family while the women and children, mostly, gathered the fruit and berries that were the gastronomical main stay.

Hunting was a high risk activity, since both the prey and their natural predators tended to travel together. People would, more often than not, be injured or die while hunting prey, or the predators (let’s call them lions) would drag off a family member while they were preparing meat from the hunt.

At some point, the family group decided to reduce the risks and started to capture and keep the animals they were hunting. This took some time, but eventually we settled down into villages where food could be grown and meat was readily available. Living in villages allowed multiple families to live together and helped reduce, but not eliminate, threats from predators. On occasion, the lions would sneak into the village at night to steal meat, and sometimes even a village member!

Threats come from inside as well as outside

To protect the people, the village elders decided to put a fence up around the village that could be closed at night to keep the lions out. This strategy reduced the risks by protecting against the threat of lion theft and attacks. It worked until a dead villager was found and their meat was missing. Lions were blamed until no signs of a lion attack were found. At this point, the villagers realized that, though not as numerous, there were some serious risks inside the village gate.

The walls get stronger

This fence-and-gate mentality was expanded, as villages grew into cities and elders became knights, dukes, and kings. As the leaders became more important, the fence was replaced with walls and a castle with a fortified tower. The castle was stronger than the fence. However, in the heat of battle between two opponents, there was always the chance that someone from inside the castle walls would let the attackers in, resulting in significant loss. These risks were considered minor, until that breach occurred, and then were recognized as an acceptable risk. As defenses were expanded, technology kept up with new methods of attacking. Within a castle, more layers of defense could be put in place between the attackers and their new methods of attack (not just lions any more), and the goal of their conquest (food, gold, fair maiden, the king). With multiple defensive layers, the risk of a successful attack was reduced to an acceptable level. Over time, as technology continued to evolve, so did our means of protecting ourselves.

Protecting the keys to the kingdom

Eventually, in business, as in life, we realized that all types of fortification were only as strong as the walls protecting them. This was the catalyst to the invention of encryption. Encryption allowed us to hide messages in transit and protect information at rest while still in our keeps. This focus on layered security continued as information technology infrastructures for business were developed. Security has often been considered a business inhibiter — curtailing the use of new technology and innovation. With the use of electronic networking, the battle between security and business continues to grow. Evolution of networking

Networking today has evolved so that the gate, or wall, around our business is assumed to be breached.We are electronically connected to our business partners at a system level, and most of us are accessing our email from smart mobile devices we keep in our pockets. The current industry trend is that smart mobile devices and tablet computers are going to replace the PC and laptop. This means that critical business data will need to be, or is, housed in a shared information system in a corporate data center or in “the cloud” where the security around it is further out of your control.

Evolution of security

As with the path from moveable structures to villages and castles, security innovation continues to evolve. As a result, IT security professionals are adapting to keep pace with this evolution. They are beginning to focus on business risks and are partnering with other business units to allow new innovations to be used quickly while allowing the business to operate inside their acceptable risk parameter.

The bottom line

We need to start looking at security not as breach prevention or loss prevention, but as an integral part of the business decision-making process to identify and mitigate, or lessen, business risks not just protect information needed to run the business.

]]>0Top 10 Security Challenges For 2013 http://networkingexchangeblog.att.com/enterprise-business/top-10-security-challenges-for-2013/
http://networkingexchangeblog.att.com/enterprise-business/top-10-security-challenges-for-2013/#comments
http://networkingexchangeblog.att.com/wp-content/uploads/2014/11/13-03-29-Top-10-Security-Challenges-For-28139.jpg Fri, 29 Mar 2013 14:10:02 +0000Blogtop_10_security_challenges_for_2013
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstCloud|Cloud Enabled Business|Mobile Business Technology|Mobility|Security|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=28139For security professionals 2012 was a very exciting year. We saw some major changes in information security attack strategies, known as vectors, and an increase in their public visibility. Advanced Persistent Threats (APTs) became more common and mobile and wireless security came into the forefront of our threat indices. Distributed Denial of Service (DDoS) attacks became cloud-based, leveraging virtual servers to generate ultra-high bandwidth attacks.

We expect 2013 to be even more exciting based on the following Top 10 security challenges identified by AT&T Information security researchers and engineers. Let’s review this list of challenges and evaluate how to reduce risks and protect the critical information that manages our business.

1. State-sponsored espionage: This challenge highlights the need to protect critical data from politically or financially motivated threats. Critical data includes the information needed to run network attached infrastructure as well as the intellectual property used to manage business and drive innovative solutions.

2. DDoS attacks: Security professionals in the financial services industry are likely to agree to our second challenge: monster DDoS attacks. We can expect to see a higher risk of business impacting threats with the shift from computer-based attacks, generating large number of lower bandwidth events, to virtual server or cloud-based attacks, generating ultra-high bandwidth events. With these new attack vectors it becomes even more beneficial to identify and mitigate large DDoS events while traffic is in the network cloud.

3. Cloudmigration: 2013 is being promoted as the year companies will move critical systems into the cloud. This migration into virtual shared infrastructures changes how we address information security and risk management. The challenge is that cloud security processes and solutions are still being developed. Ultimately, with innovation and planning, cloud services could reduce business risks by providing greater flexibility, resiliency and security.

4. Password management: Our challenge is putting in place and enforcing stronger user-controlled passwords that are less likely to be broken. This educational and administrative challenge requires creative solutions and enforced policies. Or, we can look at alternatives to traditional passwords, such as the use of Federated ID’s.

5. Sabotage: Sabotage of computer networks can affect critical infrastructure and ultimately impact corporate and backbone networks. This challenge is so potentially perverse because it combines social engineering with software based tools to provide a complex multi-vectored attack profile.

6. Botnets: Botnets are everywhere. The challenge is that many botnet owners design systems that are more adaptive and redundant than many corporate and government networks. Controlling this agile attack vector before it can be used as an Advanced Persistent Threat (APT) and migrates into smart mobile devices is crucial.

7. Insider threat: A dissatisfied employee base provides a vector for insider security events, while the inadvertent injection of malware through removable media or Web interconnections can make any employee the origination point for a network security violation.

8. Mobility: Management and security of mobile networks and smart mobile devices becomes even more challenging when employees want to use their own devices for business purposes. The Bring Your Own Device (BYOD) trend exasperates this challenge when we look at protecting the critical information needed to manage the organization and the network without sacrificing the privacy of employee’s personal information and activities.

9. Internet: One of the greatest challenges to security professionals is the perception that the Internet, a best effort network, is a secure critical infrastructure. The Internet is an open connection of diverse networks. The 2013 challenge is to start treating critical networks as if they are critical to our operations. We need to put into effect policies that distinguish platforms and security levels based on business criticality. Control networks need different security than general business communications. This includes using network embedded security controls to help reduce risks and to simplify security infrastructure.

10. Privacy laws: This final challenge is currently being legislated worldwide. We need to balance privacy with the need to gather information that can help address security breaches or fraud, while complying with associated legislation.

All of these challenges will affect how we treat risk and security this year and in the years ahead. By leveraging network embedded and end-point security solutions with innovative thinking, we can all be part of the solution that overcomes this year’s security challenges.

]]>0Developers Were Hired to Develop, Not Adopt http://networkingexchangeblog.att.com/enterprise-business/developers-were-hired-to-develop-not-adopt/
http://networkingexchangeblog.att.com/enterprise-business/developers-were-hired-to-develop-not-adopt/#commentsTue, 22 Mar 2011 16:00:58 +0000Blogdevelopers_were_hired_to_develop_not_adopt
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstCloud|Cloud Enabled Business|Mobile Business Technology|Mobility|Security|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=2023MEAP! MEAP! Wooooosh!!! When someone talks about MEAPs all I can think about is the speedy Road Runner of Warner Bros. cartoon fame. The speed and flexibility of that agile, flightless bird kept Wiley E. Coyote at least a step behind. As big a fan of the Road Runner as I am, I’m an even bigger fan of MEAPs. And a few of my application developer friends are bigger fans than I am (of MEAPs, that is, not necessarily of the Road Runner). Why, you ask? MEAPs, or Mobile Enterprise Application Platforms, increase development speed by taking the load off, so to speak. They free up developers to innovate and add business value rather than having to spend most of their time figuring out how to integrate their software with multiple devices.

Creating Wasted Effort

Mobile devices—from notebooks to smartphones and tablets—are being built with faster processors, expanded memory and high-resolution screens. Networks are getting faster and are converging while the variety of devices continues to grow. This is good for the company’s bottom line, but this uptick in technology has handed developers quite the challenge: deploy, manage, update applications and devices, track data flows, transactions, comply with regulations, and do so safely and securely. No wonder developers spend more and more of their time adapting applications for specific devices.

While spending all that time integrating an application into multiple devices expands its distribution, it doesn’t do a thing to improve the application itself. But if those tasks were taken care of, developers could spend their time developing and enhancing applications that advance the business. This is where MEAPs come in.

How To Increase Efficiency

In a nutshell, MEAPs accelerate and simplify the development, deployment and management of smart-client-based mobile applications, and are, I believe, a key element in new mobile enterprise structures. MEAP solutions are also highly scalable, are faster and come at a lower-cost. Based on an open, flexible architecture, MEAPs also help companies (like the Road Runner) quickly adapt to emerging technologies such as HTML5.

AT&T’s Advanced Enterprise Mobility Solutions’ team recently put together a white paper that compares MEAP to other popular application development and deployment models. If your developers are spending too much time adapting (like the Coyote) and not enough time innovating (see Road Runner), I believe your IT department will find this white paper informative.

]]>0Fly Me To…The Next Generation Smartphone http://networkingexchangeblog.att.com/enterprise-business/fly-me-to-the-next-generation-smartphone/
http://networkingexchangeblog.att.com/enterprise-business/fly-me-to-the-next-generation-smartphone/#commentsTue, 15 Mar 2011 10:00:06 +0000Blogfly_me_to_the_next_generation_smartphone
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstMobile Business Technology|Mobilityhttp://networkingexchangeblog.att.com/?p=2020I’m on a plane flying between Texas and southern California and, as is often the case in these situations, space is limited. Making things even more interesting, the jet stream is really moving. The seat belt sign is going on and off so much, it’s almost pulsating. So much for night skies being more calm. The amazing thing is that thanks to advances in mobile technology I can be productive, even though I’m confined to a small square of space and am dealing with a bumpy ride—all by utilizing the capabilities of my smartphone (except, of course, when taking off and landing). Right now my personal device of choice is the Motorola BACKFLIP (big fingers don’t like little bitty keys), but I’m waiting, and not too patiently, for even more powerful and capable smartphones to be made available.

These innovations in technology allow all of us to materially change the way we do business. If this flight had WiFi available, I could check email, surf the web, or even watch a movie while in flight. (In-Stat numbers show that at the end of 2010, about 2000 commercial aircraft offered in-flight WiFi, almost triple the number that offered it at the end of 2009). Having this kind of access moves the productivity and entertainment bars dramatically toward true ubiquitous access. Though I don’t actively hear it, WiFi connectivity, in theory as well as practice, makes it possible to participate in web-based meetings, document sharing, and even voice calls—all on a smartphone. Not that you’d want your fellow airplane passengers conducting his or her meeting while flying (time to get out your noise-canceling headphones), but these capabilities mean you could do a lot more than you’re currently doing.

Being a bit of a space exploration nut, I can foresee manned flights to an asteroid or to the moon where astronauts use handheld devices to conduct their research and stay in touch with earth that are equipped with more computing power than the laptop-sized computers that run the space craft itself.

It boggles the mind….From 30,000 feet

]]>0No Glasses Needed: Sharp’s 3D-Enabled Smartphones http://networkingexchangeblog.att.com/enterprise-business/no-glasses-needed-sharps-3d-enabled-smartphones/
http://networkingexchangeblog.att.com/enterprise-business/no-glasses-needed-sharps-3d-enabled-smartphones/#commentsMon, 28 Feb 2011 11:00:17 +0000Blogno_glasses_needed_sharps_3d_enabled_smartphones
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstMobile Business Technology|Mobilityhttp://networkingexchangeblog.att.com/?p=1868Display technology keeps moving forward. Over the past fifty years we have gone from watching 3D movies while wearing funny red and green glasses, to 180o IMAX screens, to color presentations using 3D effects to enhance our entertainment experience. Last year 3D televisions made a big splash in the market as a new and immersive way to enjoy televised sports, computer gaming, and more. The newest video 3D technology even allows you to experience the visual effects without the need for special glasses. Known better as “naked eye,” this innovation brings us one step closer to the Star Trek-inspired holodeck 360o 3D immersive experience.

Mobile 3D

Now the drive is to bring a 3D experience to you when you’re watching programs on your smartphone or mobile gaming console. When it comes to mobile devices, it’s even more important to use a technology that doesn’t require special glasses. (If you’re wearing funky glasses, it could impair your ability to safely interact with the world around you.) To bring a “naked eye” 3D experience to mobile users, Sharp released two 3D-Enabled smartphones, the Galapagos 003SH and 005SH, just before the end of 2010. Consumers in Japan can now watch 3D content on their “naked-eye” 3D display cell phones.

According to the online spec sheets:

the phones run on an Android 2.2 operating system

sport 3.8-inch touchscreens with 800 x 480 resolution,

but the 005SH comes with a few more bells and whistles, like a QWERTY keyboard and a 32G microSDHC slot.

3D Integration Into Work Environments

Given that texts, emails and calendars don’t benefit from 3D, I’m guessing these phones will appeal more to the gaming and video crowd than business types. But I can foresee a use for these devices in the construction, engineering and healthcare arenas, especially on a 3D tablet PC with a larger screen. Other software could give us a different way of seeing data that may help in identifying data anomalies resulting in faster analysis for Cyber-Security and pharmacologic and other complex research. This type of portable display could even be as impactful as the early computational calculators allowing research to take place outside the office environment.

There are a few 3D tablet PCs on the market, and in early February, LG, the South Korean electronics company, announced its Optimus Pad, an Android 3.0 3D tablet PC. The device will be available in the U.S. this spring, according to Laptops.co.uk, via T-Mobile USA. The device will feature a 3D screen and a 3D capable camera—but users will still need to wear special glasses.

The Future of 3D Smartphones

Special glasses or not, a 3D-enabled smartphone? It makes the Star Wars’ hand held holoprojectors look possible. As a confessed techo-geek, that’s pretty darn cool. Today, for a few of my gadget and game loving friends, a 3D-smartphone is a must have; for my researcher friends this could be the start of the next technology revaluation.

I haven’t been able to play with a 3D phone yet so if anyone has seen a Sharp Galapagos 003SH/005SH in action, let me know.

]]>0Get Ready to Keep Your Enemies Closer http://networkingexchangeblog.att.com/small-business/get-ready-to-keep-your-enemies-closer/
http://networkingexchangeblog.att.com/small-business/get-ready-to-keep-your-enemies-closer/#commentsMon, 14 Feb 2011 11:02:15 +0000Blogget_ready_to_keep_your_enemies_closer
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstSecurity|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=1751I was sitting on a plane this morning (the flight was delayed), and the crew was in a quandary. There was a weight problem. There was a strong, 190mph-plus headwind, which meant the plane would need to carry additional jet fuel to avoid stopping for gas during the flight. But the flight was fully booked, 78 seats and 78 passengers, and could only accommodate 70 pieces of luggage. Something had to give. If a few passengers agreed to take a later flight we could leave. Some kind passengers in the front of the plane “volunteered” (not me—as a last minute reservation, I was stuck in the back), and we made the required weight for takeoff.

You may ask, “What does this have to do with system complexity, and proactive security. Well, let me tell you. The process of building and operating a jet is extremely complex. Coupled with the calculations needed to estimate range and arrival time based on a wind speed reading at 28,000 feet and equate that to the weight of a the plane at takeoff…. It boggles the mind. To take into account all variables necessary to avoid unscheduled fuel stops is to be proactive. Airlines know that any one of their customers can drive negative messaging against the carrier if he or she has a bad experience. As my fellow passengers and I bounce along at 30,000 feet, the plane dipping and rolling like an old wooden roller coaster, my mind goes to the passengers and their luggage that were on a flight behind us.

Security Evolution

Security systems are designed and built with a capacity to incorporate more complexity over time as requirements and regulatory and operational needs expand and change. Threats, and therefore risks, continue to morph across multiple vectors on both sides of the defined network edge. These adages are true for all types of organizations and have held true throughout time. The business of information, network, and data security also changes and adjustments are made in light of these changes to reduce organizational risk.

Over time, security design, in the quest to find a better way to maintain data privacy, integrity and operational availability, has moved from simple filters at the actual network edge to that of a defense in-depth architecture across multiple layers and multiple network segments. Improvements in security design are about being more efficient, more cost effective, and more secure—you can’t just pick two. While it’s true that this has led to improvements in security, it’s also often led to controls that are large, overly complex, and that result in heavy infrastructures. Like my plane, organizations need to drop their weight (reduce complexity) in a way that will not compromise the integrity of the assets (passengers) being protected. Many times this requires outsourcing part, or all, of security operations or analysis.

The Simplification of Security Infrastructure

Airlines and information security departments both need to make the complex simple and reduce risk—all while leveraging every available resource to achieve maximum benefit for a minimum cost. On February 22nd (1:00 PM EST/10:00 AM PST) please join me and Khalid Kark, Forrester Research Inc. VP-Research Director, as we review new findings on the simplification of security infrastructure and how AT&T can help position your company’s security infrastructure to be more proactive. You can register for the Webinar by visiting the AT&T Networking Exchange or following this link: Keep Your Enemies Closer: Get Proactive about Security.

]]>0Clear Security In a Cloudy World On Demand http://networkingexchangeblog.att.com/enterprise-business/clear-security-in-a-cloudy-world-on-demand/
http://networkingexchangeblog.att.com/enterprise-business/clear-security-in-a-cloudy-world-on-demand/#commentsWed, 26 Jan 2011 18:49:27 +0000Blogclear_security_in_a_cloudy_world_on_demand
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstSecurity|Security in the Enterprise|State and Local Governmenthttp://networkingexchangeblog.att.com/?p=1354On January 19th I participated in a Webcast where we explored the history of network security, specifically the firewall, and looked at technologies that can help keep organizations secure as network communication continues through another innovation cycle.

This Webcast, Don’t Fire Your Firewall – Clear Security Measures for a Cloudy World, is now available On Demand.

What are your thoughts around network security?

]]>0Clear Security in a Cloudy World http://networkingexchangeblog.att.com/enterprise-business/clear-security-in-a-cloudy-world/
http://networkingexchangeblog.att.com/enterprise-business/clear-security-in-a-cloudy-world/#commentsWed, 12 Jan 2011 21:29:27 +0000Blogclear_security_in_a_cloudy_world
Steve Hurst http://networkingexchangeblog.att.com/author/steve-hurstCloud|Cloud Enabled Business|Security|Security in the Enterprisehttp://networkingexchangeblog.att.com/?p=1132If you have been in the Information Technology business for only one technology refresh cycle you may not know a world that included open public networks where computers on an organization’s network may have been directly connected to and accessed by computers around the world. This isn’t some future vision by hard line members of the Jericho Forum, this was the dawn of the Internet way back when many readers were but glints in their parent’s eyes (well, some of us had glints in our eyes; that though is another story).

Over the past quarter century, or so, we have experienced numerous changes in how people and organizations use network based communications. We have gone from cans and strings to having the ability to share our thoughts across the globe almost at the moment we conceive of an idea. And yes, in many ways we are starting to come full circle with networked devices seemingly in direct contact with each other. Now, you may ask - How was network security addressed in the past? What technologies are still relevant today and what does tomorrow hold? Are there solutions that can help keep my organization compliant with rules and regulations that too were glints in someone’s eyes over two score ago?

On January 19th I participated in a Webcast where we explored the history of network security, specifically the firewall, and looked at technologies that can help keep organizations secure as network communication continues through another innovation cycle. The Webcast, Don’t Fire Your Firewall – Clear Security Measures for a Cloudy World, is now available On Demand.